Quote:Cheсk Point’s research team once got a message from a Bloomberg journalist named Martyn Williams, who had been forwarded a copy of a North Korean antivirus by someone allegedly from Japan. One does not encounter North Korean software often, so experts Mark Lechtik and Michael Kajiloti were only too glad to see what the antivirus tool was like. They presented the results of their study at the hackers’ congress 35C3.

But before we discuss the North Korean antivirus product, we should probably briefly cover the relationship North Korea has with the Internet and vice versa.

North Korea’s role in developing the global network

Attribution — crafting a justified claim that a specific group from a specific country attempted a specific attack — is an altogether hit-and-miss business. Interpreting evidence is difficult, following the wrong lead is easy, and so forth. Yet at some point, several research groups were jointly attributing some attacks to North Korea. It is also widely believed that North Korea uses state-supported groups of hackers, whose business is to earn money for the regime. Of course, DPRK officials deny this.

That said, the Internet as such is virtually nonexistent in North Korea: the World Wide Web can be accessed only by a chosen few, whereas the bulk of the population is restricted to the domestic intranet, which is called Kwangmyong: a network purged of all information from “the decaying West.” The West, in turn, also has little opportunity to peep into the North Korean network, so every bit of information on the subject is a treat.